While senior officials who had been briefed on the matter told CNN that the attack only exposed unclassified information, the contained contained on the server was not made public and is considered highly sensitive.
CNN reports that the breach, which is considered one of the most sophisticated attacks ever directed at the U.S. government, was initially identified in October. Hackers first gained access to computers in the State Department, which they likely used as an entry point to the White House. Investigators told CNN that the attack was probably done through the use of phishing emails targeting State Department employees that tricked them into unsuspectingly downloading malware.
When the infection was discovered last year, systems administrators briefly shut down VPN access and told officials to set new passwords, but the larger system was remained online throughout.
A report released around that time by the cybersecurity firm iSight Partners noted that a group of hackers, likely working at the behest of the Russian government, has been using a previously undisclosed “zero day” for the Microsoft Windows operating system to gain access to computer systems operated by global leaders like NATO and the Ukrainian government. Researchers dubbed the group “SandWorm.”
“This is consistent with espionage activity,” iSight Senior Director Stephen Ward told The Washington Post at the time. “All indicators from a targeting and lures perspective would indicate espionage with Russian national interests.”
This incident isn’t the first time that Russian hackers have compromised U.S. national security.
In 2008, the government believed that Russian intelligence operatives were responsible for a large-scale breach of classified governmental networks, which exposed top secret military plans for the wars in Iraq and Afghanistan. At the time, the attack was considered the single most serious cyberattack on U.S. military systems in history.
To be fair, spying on the private communications of foreign leaders is something the U.S. has also been caught red-handed doing. In 2013, a report by the German newspaper Der Spiegel caught the NSA bugging the cell phone of German Chancellor Angela Merkel.
Photo via AgnosticPreachersKid/Wikimedia Commons (CC BY SA 3.0)